In the Claims 

This listing of claims replaces all prior versions, and listings, of claims in the application: 

1 . (Canceled) 

2. (Canceled) 

3. (Currently amended) A method comprising: 

a step for conveying electronic digital data in a first protected transfer to deliver a 

permit; 

a step for conveying electronic digital data in a second protected transfer to 
deliver a product^-aftd 

a stop for reconciling complet e transactions from at least on e of incomplet e 
trnnr.nr,tinnR nnd from e v e nts that indicat e intentional interf e renc e , identified by the permit, 
wherein each protected transfer comprises a step for receiving a respective request and a step for 
delivering per the request, receiving being performed by a respective receiving system linked by 
a respective network link to a respective delivering system, receiving being performed 
independently of the delivering system, delivering being performed by the respective delivering 
system in response to, and otherwise independently of, the receiving system and without 
identifying the delivering system . 

4. (Currently amended) The method of claim 3 further comprising: 

a step for receiving at least two reports during a time period; 
a step for grouping reports into tuples of related reports; 
a step for determining whether a particular report is unmatched; 
a step for determining whether a particular tuple is incomplete; and 
a step for providing notice of a breach of security in accordance with at least one 
of whether the particular report is unmatched and whether the particular tuple is incomplete. 

5. (Cancelled) 

6. (Currently amended) The method of claim [[5]] 3 wherein the (source compris e s a 
multipl e subsyst e m facility one receiving system performs for both respective receiving systems . 

7. (Currently amended) The method of claim [[6]] 3 wherein the indicia of identification of 
thn r . rmrr. e identifi e s the multiple subsystem facility delivering per the request comprises a step 
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for delivering via a public network without a firewall between the respective delivering system 
and the public network . 

8. (Currently amended) The method of claim [[6]] 3 wherein the multiple subsystem 
facility compris e s : 

a first subsyst e m for conv e ying delivering system conveys the permit responsive 
to a public network link to the respective receiving system ; and 

a second subsyst e m for conv e ying th e portion of th e e l e ctronic digital data 
delivering system conveys the product responsive to a public network link to the respective 
receiving system.^ -and 

a private n e twork coupling the first subsyst e m to th e s e cond subsyst e m. 

9. (Cancelled) 

10. (Cancelled) 

1 1 . (Currently amended) The method of claim [[5]] 3 wherein a portion of the permit is 
encrypted. 

12. (Currently amended) The method of claim [[5]] 3 wherein the request for the e l e ctronic 
digital data product comprises at least a portion of the permit. 

13. (Cancelled) 

14. (Cancelled) 

15. (Currently amended) The method of claim [[5]] 3 wherein the consum e r subsyst e m 
compris e s a brows e r that initiates th e r e qu e st for th e p e rmit and the r e qu e st for the el e ctronic 
digital data product each respective request is received via a public network link . 

16. (Currently amended) The method of claim [[5]] 3 wherein the electronic digital data 
product comprises at least one of a digital work, a file, an audio recording, a video recording, an 
executable program, a document, a multimedia program, and content. 

17. (Currently amended) The method of claim [[5]] 3 wherein the step for conveying the 
portion of the el e ctronic digital data product comprises a step for downloading the e l e ctronic 
digital data product in entirety. 

18. (Currently amended) The method of claim [[5]] 3 wherein the step for conveying the 
portion of the e l e ctronic digital data product comprises a step for streaming the electronic digital 
data product. 

19. (Cancelled) 
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20. (Cancelled) 

21. (Cancelled) 

22. (Cancelled) 

23. (Currently amended) The method of claim [[5]] 3 wherein the step for conveying the 
permit comprises: 

a step for detecting a prerequisite event, the event being at least one of receiving 
th e first a notice that payment for the permit has been assured by a provided process, assuring 
being in response to receiving by the process a request for the permit from a consumer subsystem 
and determining a network address of the consumer subsystem; and 

a step for conveying electronic digital data across an interface and from a port in 
accordance with a protocol that denies entry into a state for transferring electronic digital data of 
the permit unless the event is detected. 

24. (Currently amended) The method of claim [[5]] 3 wherein the step for conveying the 
portion of th e e l e ctronic digital data product comprises: 

a step for detecting a prerequisite event, the event being at least one of receiving 
th e s e cond a notice, receiving at least a portion of the permit, receiving a key for encrypting the 
portion of th e e l e ctronic digital data product, and determining a network address of th e consum e r 
subsyst e m for delivering the product ; and 

a step for conveying electronic digital data across an interface and from a port in 
accordance with a protocol that denies entry into a state for transferring electronic digital data of 
the product unless the event is detected. 

25. (Currently amended) A system comprising: 

means for conveying electronic digital data in a first protected transfer to deliver a 

permit; 

means for conveying electronic digital data in a second protected transfer to 
deliver a productf-and 

m e ans for r e conciling compl e te transactions from at l e ast on e of incompl e t e 
transactions and from e v e nts that indicat e int e ntional int e rf e r e nc e , identified by the permit, 
wherein each protected transfer comprises receiving a respective request and delivering per the 
request receiving being performed by a respective means for receiving linked by a respective 
network link to a respective means for delivering, receiving being performed independently of 

4 Docket No. 46030.00030 



delivering, delivering being performed by the respective means for delivering in response to, and 
otherwise independently of, receiving and without identifying the means for delivering . 

26. (Currently amended) The system of claim 25 further comprising: 

second means for receiving at least two reports during a time period; 
means for grouping reports into tuples of related reports; 
means for determining whether a particular report is unmatched; 
means for determining whether a particular tuple is incomplete; and 
means for providing notice of a breach of security in accordance with at least one 
of whether the particular report is unmatched and whether the particular tuple is incomplete. 

27. (Cancelled) 

28. (Currently amended) The system of claim [[27]] 25 wher e in the sourc e compris e s a 
multipl e subsyst e m facility one means for receiving performs for both respective means for 
receiving . 

29. (Currently amended) The system of claim [[28]] 25 wherein the indicia of identity of th e 
source comprises indicia of id e ntity of th e multiple subsystem facilit y delivering per the request 
comprises delivering via a public network without a firewall between the respective means for 
delivering and the public network . 

30. (Currently amended) The system of claim [[28]] 25 wherein th e multipl e subsyst e m 
facility compris e s : 

a first subsyst e m for conv e ying means for delivering conveys the permit 
responsive to a public network link to the respective means for receiving ; and 

a second subsyst e m for conv e ying the portion of the e lectronic digital data means 
for delivering conveys the product responsive to a public network link to the respective means 
for receiving.j -and 

a privat e n e twork coupling th e first subsyst e m to th e s e cond subsyst e m. 

31. (Cancelled) 

32. (Cancelled) 

33. (Currently amended) The system of claim [[27]] 25 wherein a portion of the permit is 
encrypted. 

34. (Currently amended) The system of claim [[27]] 25 wherein the request for the el e ctronic 
digital data product comprises at least a portion of the permit. 
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35. (Cancelled) 

36. (Cancelled) 

37. (Currently amended) The system of claim [[27]] 25 wherein the consumer subsyst e m 
compris e s a brows e r that initiat e s th e r e quest for th e p e rmit and th e r e quest for the e l e ctronic 
digital data produc t each respective request is received via a public network link . 

38. (Currently amended) The system of claim [[27]] 25 wherein the el e ctronic digital data 
product comprises at least one of a digital work, a file, an audio recording, a video recording, an 
executable program, a document, a multimedia program, and content. 

39. (Currently amended) The system of claim [[27]] 25 wherein the means for conveying the 
portion of the e l e ctronic digital data product comprises means for downloading the e l e ctronic 
digital data product in entirety. 

40. (Currently amended) The system of claim [[27]] 25 wherein the means for conveying the 
portion of the electronic digital data product comprises means for streaming the electronic digital 
data product. 

41. (Cancelled) 

42. (Cancelled) 

43. (Cancelled) 

44. (Cancelled) 

45. (Currently amended) The system of claim [[27]] 25 wherein the means for conveying the 
permit comprises: 

means for detecting a prerequisite event, the event being at least one of receiving 
th e first a notice that payment for the permit has been assured by a provided process, assuring 
being in response to receiving by the process a request for the permit from a consumer subsystem 
and determining a network address of the consumer subsystem; and 

means for conveying electronic digital data across an interface and from a port in 
accordance with a protocol that denies entry into a state for transferring electronic digital data of 
the permit unless the event is detected. 

46. (Currently amended) The system of claim [[27]] 25 wherein the means for conveying the 
portion of th e e l e ctronic digital data product comprises: 

means for detecting a prerequisite event, the event being at least one of receiving 
the s e cond a notice, receiving at least a portion of the permit, receiving a key for encrypting the 



6 



Docket No. 46030.00030 



portion of th e e l e ctronic digital data product, and determining a network address of th e consumer 
subsyst e m for delivering the product ; and 

means for conveying electronic digital data across an interface and from a port in 
accordance with a protocol that denies entry into a state for transferring electronic digital data of 
the product unless the event is detected. 

47. (Currently amended) A method for reducing the risk of unauthorized access to an 
electronic digital data product, the method comprising: 

conveying electronic digital data in a first protected transfer to deliver a permit; 
conveying electronic digital data in a second protected transfer to deliver a 

producti-and 

reconciling compl e t e transactions from at l e ast one of incompl e te transactions and 
from ev e nts that indicate int e ntional int e rf e r e nc e , identified by the permit, wherein each 
protected transfer comprises receiving a respective request and delivering per the request, 
receiving being performed by a respective receiving system linked by a respective network link 
to a respective delivering system, receiving being performed independently of the delivering 
system, delivering being performed by the respective delivering system in response to, and 
otherwise independently of, the receiving system and without identifying the delivering system . 

48. (Cancelled) 

49. (Cancelled) 

50. (Currently amended) The method of claim [[49]] 47 wherein the source compris e s a 
multipl e subsyst e m facility one receiving system performs for both respective receiving systems . 

5 1 . (Currently amended) The method of claim [[50]] 47 wherein th e indicia of id e ntity of th e 
sourc e compris e s indicia of id e ntity of the multipl e subsyst e m facility delivering per the request 
comprises delivering via a public network without a firewall between the respective delivering 
system and the public network . 

52. (Currently amended) The method of claim [[51]] 47 wherein the multiple subsystem 
facility compris e s : 

a first subsystem for conv e ying delivering system conveys the permit responsive 
to a public network link to the respective receiving system ; and 
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a second subsyst e m for conveying the portion of tho el e ctronic digital data 
delivering system conveys the product responsive to a public network link to the respective 
receiving svstem.i -afid 

a private network coupling the first subsystem to th e s e cond subsystem. 

53. (Cancelled) 

54. (Cancelled) 

55. (Currently amended) The method of claim [[54]] 47 wherein a portion of the permit is 
encrypted. 

56. (Currently amended) The method of claim [[55]] 47 wherein the request for the 
electronic digital data product comprises at least a portion of the permit. 

57. (Cancelled) 

58. (Cancelled) 

59. (Currently amended) The method of claim [[58]] 47 wherein tho consumer subsyst e m 
compris e s a brows e r that initiates the requ e st for th e p e rmit and th e r e qu e st for th e e l e ctronic 
digital data product each respective request is received via a public network link . 

60. (Previously presented) The method of claim [[59]] 47 wherein the electronic digital data 
product comprises at least one of a digital work, a file, an audio recording, a video recording, an 
executable program, a document, a multimedia program, and content. 

61 . (Previously presented) The method of claim [[60]] 47 wherein conveying the portion of 
th e e l e ctronic digital data product comprises downloading the electronic digital data product in 
entirety. 

62. (Previously presented) The method of claim [[61]] 47 wherein conveying the portion of 
th e el e ctronic digital data product comprises streaming the electronic digital data product. 

63. (Currently amended) The method of claim [[62]] 47 wherein conveying the permit 
comprises: 

detecting a prerequisite event, the event being at least one of receiving th e first a 
notice that payment for the permit has been assured by a provided process, assuring being in 
response to receiving by the process a request for the permit from a consumer subsystem and 
determining a network address of the consumer subsystem; and 
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conveying electronic digital data across an interface and from a port in accordance 
with a protocol that denies entry into a state for transferring electronic digital data of the permit 
unless the event is detected. 

64. (Currently amended) The method of claim [[63]] 47 wherein conveying the portion of 
the electronic digital data product comprises: 

detecting a prerequisite event, the event being at least one of receiving th e s e cond 
a notice, receiving at least a portion of the permit, receiving a key for encrypting the portion of 
the e l e ctronic digital data product, and determining a network address of th e consum e r 
subsystem for delivering the product ; and 

conveying electronic digital data across an interface and from a port in accordance 
with a protocol that denies entry into a state for transferring electronic digital data of the 
electronic digital data product unless the event is detected. 

65. (Previously presented) The method of claim [[64]] 47 further comprising: 

receiving at least two reports during a time period; 
grouping reports into tuples of related reports; 
determining whether a particular report is unmatched; 
determining whether a particular tuple is incomplete; and 

providing notice of a breach of security in accordance with at least one of whether 
the particular report is unmatched and whether the particular tuple is incomplete. 

66. (Currently amended) A system for communicating with a client having a client port, the 
system comprising: 

a first port that conducts a first transaction with the client port to establish a 
request for a permit and that conducts a second transaction with the client port to establish a 
request for a data product, the request for a data product comprising at least a portion of a permit, 
the first port comprising a first plurality of processes; 

a second port that provides a permit to the client port in accordance with the 
request for the permit, the second port comprising a second plurality of processes; and 

a third port that provides a data product to the client port in accordance with the 
request for the data product, the third port comprising a third plurality of processes; wherein 
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processes of the first plurality and second plurality are coupled to convey at least 
a portion of the request for the permit and a portion of the request for the data product to the 
second plurality of processes; and 

processes of the second plurality and third plurality are coupled to convey at least 
the portion of the request for the data product to the third plurality of processes.[[; and]] 

proc e ss e s of th e third plurality ar e coupl e d to r e concil e compl e t e transactions 
from at least on e of incompl e t e transactions and from e v e nts that indicat e int e ntional 
int e rf e r e nc e . 

67. (Previously presented) The system of claim 66 wherein the second port is associated 
with a first network address and the third port is associated with a second network address. 

68. (Previously presented) The system of claim 67 wherein the first port is associated with a 
third network address. 

69. (Previously presented) The system of claim 68 wherein the second port provides the 
permit according to a protocol that provides a barrier to access. 

70. (Currently amended) The system of claim 69 wherein information is not provided that 
would facilitate access beyond the permit and the data product is not provid e d . 

71 . (Previously presented) The system of claim 70 wherein the omitted information includes 
an identifier associated with at least one of the second port and the third port. 

72. (Currently amended) The system of claim [[71]] 66 wherein the second port is enabled 
for providing the permit without action by the client port subsequent to receiving , by the second 
port, the request for the permit. 

73. (Currently amended) The system of claim [[72]] 66 wherein the third port is enabled for 
providing the data product without action by the client port subsequent to receivin g, by the 
second port, the request for the data product. 

74. (Previously presented) The system of claim [[73]] 66 wherein at least one of the permit 
and the request for the data product comprises a network address associated with the client port. 

75. (Previously presented) The system of claim [[74]] 66 wherein at least two of the first 
port, the second port, and the third port are hosted on one processor. 

76. (Currently amended) A system for permitting authorized access by a client , the system 
comprising: 
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and for coop e rating with a provid e d first interface that accesses a request for a 
permit, the request for a permit originating on the client, and that accesses a request for a data 
product, the request for a data product originating on the client and comprising including at least 
a portion of a p e rmit, th e syst e m comprising: permit; 

a second interface that provides access to the permit across the second interface to 
the client, wherein: 

the second interface comprises a first link between the system and 
the client for delivery of the permit; and 

the first link is enabled in accordance with at least a portion of the 

request for the permit; and 

a third interface that provides access to a data product across the third interface to 
the client, wherein: 

the third interface comprises a second link between the system and 
the client for delivery of the data product; and 

the second link is enabled in accordance with at least a portion of 
the request for the data product, thereby conditionally permitting authorized access to the data 
product [[; and]] 

th e third int e rfac e r e conciles compl e t e transactions from at l e ast 
on e of incompl e t e transactions and from e v e nts that indicat e int e ntional int e rf e r e nc e . 

77. (Previously presented) The system of claim 76 wherein the data product comprises at 
least one of a digital work, a file, an audio recording, a video recording, an executable program, a 
document, a multimedia program, and content. 

78. (Previously presented) The system of claim [[77]] 76 wherein access of a data product 
comprises at least one of receiving at least a portion of the data product over a network, 
executing at least a portion of the data product, reading at least a portion of the data product, and 
recalling at least a portion of the data product from a storage device. 

79. (Previously presented) The system of claim [[78]] 76 wherein the second interface is 
associated with a first network address and the third interface is associated with a second 
network address. 

80. (Previously presented) The system of claim 79 wherein the first interface is associated 
with a third network address. 
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81. (Cancelled) 

82. (Currently amended) The system of claim [[81]] 76 wherein the delivery of at least one 
of the permit and the data product comprises data transfer according to a protocol that provides a 
barrier to access of at least one of the permit and the data product. 

83. (Previously presented) The system of claim 82 wherein information is not provided that 
would facilitate access beyond the permit and the data product. 

84. (Currently amended) The system of claim 83 wherein the omitted information includes 
at l e ast on e of an identifier associated with at least one of the second interface and the third 
interface. 

85. (Cancelled) 

86. (Currently amended) A method comprising: 

a step for conveying electronic digital data in a first prot e ct e d transfer to deliver a 

permit; and 

a step for conveying electronic digital data in a second prot e ct e d transfer to 
deliver a product; 

a step for receiving a plurality of reports comprising reports transmitted in 
response to requests for permits and reports transmitted in response to attempted accesses of 
products; and 

a step for identifying, as indicated by a set of reports of the plurality, at least one 
of incomplete transactions and events that indicate unauthorized attempted access, wherein each 
complete transaction comprises delivery of a product specified in a delivered permit . 

87. (Currently amended) A system comprising: 

means for conveying electronic digital data in a first prot e ct e d transfer to deliver a 

permit; and 

means for conveying electronic digital data in a second prot e cted transfer to 
deliver a product; 

means for receiving a plurality of reports comprising reports transmitted in 
response to requests for permits and reports transmitted in response to attempted accesses of 
products; and 
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means for identifying, as indicated by a set of reports of the plurality, at least one 
of incomplete transactions and events that indicate unauthorized attempted access, wherein each 
complete transaction comprises delivery of a product specified in a delivered permit . 

88. (New) A method for delivering a permit, the method comprising: 

a step for receiving a request for the permit, the permit for requesting access to a 
data product, receiving being performed by a receiving system linked by a network link to a 
delivering system, receiving being performed independently of the delivering system; and 

a step for delivering per the request, delivering being performed by the delivering 
system in response to, and otherwise independently of, the receiving system and without 
identifying the delivering system. 

89. (New) A system for delivering a permit, the method comprising: 

means for receiving a request for the permit, the permit for requesting access to a 
data product, receiving being performed by a receiving system linked by a network link to a 
delivering system, receiving being performed independently of the delivering system; and 

means for delivering per the request, delivering being performed by the delivering 
system in response to, and otherwise independently of, the receiving system and without 
identifying the delivering system. 

90. (New) A method for selling a permit to a user comprising: 

a step for conducting a financial transaction by operation of at least one process 
hosted on a first computer system; and 

a step for issuing the permit by operation of at least one process hosted on a 
second computer system; wherein 

the first system communicates with the user via a first network link and 
communicates with the second system via a second network link; and 

the second system issues the permit to the user in response to and otherwise 
independently of the first system and without disclosing an identity of the second system. 

91 . (New) A method for reducing risk of unauthorized access by a user to stored data, the 
user issuing a request, the method comprising: 

a step for conducting a validation of the request by operation of at least one 
process hosted on a first computer system; and 
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a step for delivering the data by operation of at least one process hosted on a 
second computer system; wherein 

the first system communicates with the user via a first network link and 
communicates with the second system via a second network link; and 

the second system delivers the data to the user in response to and otherwise 
independently of the first system and without disclosing an identity of the second system. 

92. (New) A method for reducing risk of unauthorized access by a user to stored data, the 
user issuing a request, the method comprising: 

a step for conducting a financial transaction by operation of at least one process 
hosted on a first computer system; 

a step for issuing the permit by operation of at least one process hosted on a 
second computer system; wherein: 

the first system communicates with the user via a first network link 
and communicates with the second system via a second network link; and 

the second system issues the permit to the user in response to and 
otherwise independently of the first system and without disclosing an identity of the second 
system; 

a step for conducting a validation of the request by operation of at least one 
process hosted on the first computer system; and 

a step for delivering the data in accordance with the permit by operation of at least 
one process hosted on the second computer system; wherein: 

the first system communicates with the user via a first network link 
and communicates with the second system via a second network link; and 

the second system delivers the data to the user in response to and 
otherwise independently of the first system and without disclosing an identity of the second 
system. 

93. (New) A system for selling a permit to a user comprising: 

a first computer subsystem that hosts at least one process enabling the system to 
conduct a financial transaction; and 

a second computer subsystem that hosts at least one process enabling the system 
to issue the permit; wherein 
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the first subsystem communicates with the user via a first network link and 
communicates with the second subsystem via a second network link; and 

the second subsystem issues the permit to the user without disclosing an identity 
of the second subsystem and in a manner that is independent of the first subsystem. 

94. (New) A system for reducing risk of unauthorized access by a user to stored data, the user 
issuing a request, the system comprising: 

a first computer subsystem that hosts at least one process enabling the system to 
conduct a validation of the request; and 

a second computer subsystem that hosts at least one process enabling the system 
to deliver the data; wherein 

the first subsystem communicates with the user via a first network link and 
communicates with the second subsystem via a second network link; and 

the second subsystem delivers the data to the user in response to and otherwise 
independently of the first system and without disclosing an identity of the second system. 

95. (New) A method for reducing risk of unauthorized access by a user to data stored on a 
first computer system, the user issuing a request, the method comprising: 

conducting a financial transaction by operation of at least one process hosted on a 
first computer system; 

issuing the permit by operation of at least one process hosted on a second 
computer system; wherein: 

the first system communicates with the user via a first network link 
and communicates with the second system via a second network link; and 

the second system issues the permit to the user without disclosing 
an identity of the second system and in a manner that is independent of the first system; 

conducting a validation of the request by operation of at least one process hosted 
on the first computer system; and 

delivering the data by operation of at least one process hosted on the second 
computer system; wherein: 

the first system communicates with the user via a first network link 
and communicates with the second system via a second network link; and 
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the second system delivers the data to the user without disclosing 
an identity of the second system and in a manner that is independent of the first system. 
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